LONDON, May 7, 2025 /PRNewswire/ -- Today, Corero Network Security (AIM: CNS) (OTCQX: DDOSF), the distributed denial of service (DDoS) protection specialists, released its 2025 Threat Intelligence Report, offering new insight into how DDoS attacks evolved throughout 2024. Drawing on global telemetry and independent research from Merrill Research, the report highlights key changes in attacker strategy and mounting complexity for defenders.
Rather than relying solely on large, disruptive floods, attackers are increasingly favoring frequency, evasion, and coordinated execution. At the same time, defenders face growing difficulty keeping pace, hindered by fragmented responsibilities and limited visibility across hybrid environments.
"DDoS is no longer just a matter of stopping packets—it's about identifying patterns, coordinating teams, and mitigating before damage is done," said Ashley Stephenson, Chief Technology and Product Officer at Corero Network Security. "We see a growing gap between how attackers operate and how defenses are organized. Bridging that gap is essential."
Key Findings from the 2025 Report
- DDoS Frequency Reaches New Highs
Corero customers experienced an average of 11 attacks per day in 2024—a 5% year-over-year increase and part of a broader multi-year trend. These frequent, low-volume events serve not just to disrupt, but to probe defenses, consume resources, and desensitize response teams.
- Mid-Sized Attacks Are Declining
Attacks in the 1–5Gbps range, once common for their ability to evade detection while still causing harm, fell from 19.4% of all attacks in 2019 to just 12.4% in 2024. This ongoing reduction suggests a strategic shift, with attackers now opting for either stealthier sub-1Gbps probes or large-scale floods intended to overwhelm infrastructure.
- Attackers Adopt Chained, Adaptive Tactics
Corero observed a growing pattern of multi-vector attacks, in which threat actors rotate between protocols every 30–60 seconds. These "chained vector" campaigns are designed to exploit detection delays and force constant reclassification by defenders—effectively keeping mitigation systems reactive rather than proactive.
- Operational Gaps Hamper Defense
Findings from a survey conducted by Merrill Research and sponsored by Corero underscore the human and organizational challenges defenders face. Over 50% of respondents cited difficulty coordinating across teams, and 68% reported challenges demonstrating the ROI of DDoS protection to leadership. These challenges persist even in organizations with modern tooling.
"The data suggests DDoS background noise, in the form of smaller attacks, is increasingly a precursor to more dangerous DDoS incidents," Stephenson added. "Defenders can't treat these background attacks as exceptions. They are the new normal, and response needs to be integrated, automated, and cross-functional."
The full 2025 Threat Intelligence Report is available now at http://www.corero.com/threat.
About Corero Network Security
Corero Network Security is a leading provider of DDoS protection solutions, specializing in automatic detection and protection solutions with network visibility, analytics, and reporting tools. Corero's technology protects against external and internal DDoS threats in complex edge and subscriber environments, ensuring internet service availability. With operational centers in Marlborough, Massachusetts, USA, and Edinburgh, UK, Corero is headquartered in London and listed on the London Stock Exchange's AIM market (ticker: CNS) and the US OTCQX Market (OTCQX: DDOSF).
View original content to download multimedia:https://www.prnewswire.com/news-releases/coreros-2025-threat-intelligence-report-reveals-strategic-shifts-in-ddos-tactics-and-rising-operational-strain-for-defenders-302447690.html
SOURCE Corero Network Security
